I’ve been watching the recent slew of Internet Explorer exploits with some concern since these vulnerabilities could affect FeedDemon users while browsing with IE. Even though Microsoft has attempted to address these problems by explaining how to increase your browser safety, I decided I needed to resolve them directly in FeedDemon to make sure my customers are protected.

To make a long story short, earlier today I uploaded FeedDemon 1.11. Starting with this release, FeedDemon no longer allows browsing URLs that use the ms-its, ms-itss, its, mk or mhtml protocols (here’s why this is necessary). In addition, I’ve improved the security of FeedDemon’s newspapers by removing all potentially unsafe HTML elements and attributes before displaying the contents of any feed.

• Download FeedDemon 1.11
• Release notes

Just install this release directly on top of version 1.0 or version 1.10 and your settings will be retained. Note that because this is a security-related update which I want all FeedDemon customers to use, I decided to reset the expiration date for users of the trial version – so if your trial version is set to expire soon, you get to start over with 20 more days of usage.

PS: If you want to stop using IE altogether, see this blog entry about using Mozilla inside FeedDemon.

IMPORTANT NOTE FOR THOSE USING SOFTWARE FIREWALLS: If after upgrading to version 1.11 you discover that FeedDemon no longer updates any feeds, it is almost certainly because your firewall is blocking the new version. If you experience this problem, you need to configure your firewall to allow the newer version of FeedDemon to access the Internet.